Summary: Once it seemed like technology would slowly replace humans at whatever it was they did. Now a once-advocate of replacing humans with machines has changed his mind, and put humans back where they belong.
“It is insufficient to protect ourselves with laws, we need to protect ourselves with mathematics.”
In the early 90s Bruce Schneier published a book called Applied Cryptography and established himself as the premminent authority on security, giving him the weight to successfully lobby the government for the right of every American to use strong crypography. The above quote from his book captures the essense of Schneier's thinking at the time and reflected many other people's opinions, too: that the future will be defined as a world where as many human (read: unreliable) agents as possible will be replaced by (reliable) technology. This is the time when companies like General Magic believed we'd trust digital agents to chose our clothes and spend our money for us, and retailers would assign digital salesmen to barter with these digital agents. Well Bruce changed his mind.
Bruce's old view was that technology was more trustworthy, so technology should replace humans wherever possible and let organic things get on with the business of being organic while mechanical things stood by as the backbone of a new culture—something to lean on for support. But as Bruce came to understand better, this wasn't going to work for several reasons.
The first is fallibility, because it seems that no matter how well we build a widget, there's always some way to break or pervert it for another purpose. Schneier spent a good part of his life lobbying for the right to use unbreakable digital security, but the awful truth is that there's really no such thing. That can be hard for a young computer geek to accept, because it's easy to believe all defects can be fixed, and if you simply used rigorous enough design and testing methods you can theoretically produce 100% defect-free technology. This view is seductive because it hasn't been mathematically proven impossible for an engineer to make a flawless product.
But it has been mathematically proven impossible to know when you've made a flawless product. Ironically, veterans of digital encryption technology know this too well and will never trust a new cipher unless it has been rigorously tested for years. Cynically, they expect it to be breakable, but it can be useful if it's part of a larger system, and a whole bunch of people have tested it for its limits. It's the newcomers still wet behind the ears with college idealism who believe unbreakable security is just around the corner.
So what Bruce began to discover in the years after Applied Cryptopgraphy was published is that many people were building really bad security systems because they read his book and came away with the idea that if only they had the right magic algorithms dispensed by the master witch doctor, then eternal privacy would be theirs. This kind of belief was rudely dispelled with the Nicodemo Scarfo case, where the FBI neatly bypassed the Mafia gangster's high-grade “unbreakable” encryption software by sneaking into his house and attaching a keyboard sniffer on his home PC. The next time Scarfo sat down to type his pass-phrase, the FBI were able to capture every keystroke he made.
Scarfo's PC had no loyalty to its owner, so it couldn't refuse the FBI's instructions to capture and transmit his keystrokes. The same problem impacts law-abiding citizens, too, who are victimized by trojan horses spread through the Internet by email and other vectors. Technology is worse than neutral.
That leads to the second problem with a mathematical backbone for human society: we humans are unlikely to give it that kind of status. Even today the use of strong cryptography among email users is so low it's almost nonexistant. Security and privacy features are some of the last to be implemented by the developers of email software. E-commerce sites only create secure connections to your browser because the credit card companies require it, not because it significantly increases sales. In fact, most people are perfectly happy to send their credit card number unencrypted over the Internet, and barely understand what's going on when the little padlock appears at the bottom of the window. Schneier and his followers could have built a new backbone out of technology to replace human-to-human interactions with safer, more trustworthy human-to-computer or even computer-to-computer transactions, but it would whither with disuse.
Isaac Asimov created a fictional world in his book The Caves of Steel where there were two societies divided by the way they factored technology into their lifestyles. The first group were the Earth dwellers, who lived packed together in huge domed cities, bathed in communal bathhouses, dined in communal halls, and were deeply antagonistic towards robots. The second group were the Spacers, who had taken to colonizing other planets, had hundreds of acres of personal land per individual, barely ever talked to another human face-to-face, and relied utterly on the labor of robot assistants. You could say that the Bruce Schneier of the early 90s, along with other idealists, were on the same philosophical track as the Spacers.
The Spacer philosophy was this: don't do anything a robot could do for you better. Asimov was taking the same kind of philosophy Bruce once had, and extended it to the extreme to show what could happen. While the Spacer lifestyle looked pretty and clean and advanced, while the Earth dweller's lifestyle looked cramped and dirty and primitive, Asimov pointed out that the Spacers were deeply dysfunctional, and were setting themselves up for a massive disaster.
By replacing human interaction with robots, the Spacers soon lost the ability to accomplish basic everyday transactions themselves. They didn't know how to deal with other human beings because most of them had been raised since birth by robots in a sterile environment. When something happened to make the Spacers lose their trust in robots, their entire society collapsed because they had no backup plan. It's the absense of a backup plan that seems to be at the heart of Bruce Schneier's epiphany, and the reason why he dissolved his old company—Counterpane Systems—in 1999 and re-opened a new one—called Counterpane Internet Security—with a different mission.
The biggest problem with the way individuals have been using technology has nothing to do with the fact that it breaks, but that we don't have a very good recovery plan for when it does. Just as nobody uses the cryptography features of their email client, nobody puts much thought into backing up their hard drive, either. Most of us haven't had the same kind of epiphany as Bruce ended up having, which was that the reliability of any system is equal to the reliability of its contingency plan. On a long enough timeline, the probability of a component failure is 100%.
At an institutional and societal level we're pretty good at making sure there's always a backup plan. All of our children learn how to do arithmetic on paper before they're allowed to use calculators in exams, because sometimes pocket calculators break, or aren't available, and we'd all be up the creek without a paddle if we allowed a few generations to pass without learning how to do long division.
But institutions deal with component failure by considering the individual to be unreliable, and having been considered so expendable by their insitutions that might be the reason why individuals care so little for email security and backup tapes on their own computers.
The command centers at Counterpane Internet Security now have an array of biometric authentication devices and keypad entry systems at their doors, but these gadgets aren't at the heart of Bruce's operation anymore. In fact, he put them there only because it was necessary to make his clients think he knows his stuff, not because he's depending on them in any way. The heart of Counterpane, these days, is made up of the universe's ultimate technological widget: the cerebral cortex.
This is an era when everyone is hungry to get machines to replace humans for the job of monitoring. Face scanning technology, for example, has been a hot item since September 2001, but can we put our faith in it to identify terrorists in crowds? The makers seem to think so, the stadiums and airports that deploy it seem to think it's worth a shot, and then a television reporter shows that he can fool the computer just by putting on a pair of sunglasses. If any gadget we make is so damn unreliable, then what's the point of making them at all?
But the point is not to rely on them. Replacement of human beings isn't the goal. With very few exceptions, such as the invention of powered flight, technology has not enabled us to do anything we couldn't already do before, and has not eliminated the need for us to do it ourselves. It's just made things easier, cheaper, and more likely to succeed. Sometimes the things we consider impossible without technology really weren't impossible after all, just too arduous, costly, or risky.
The face-scanners being tried out at sports stadiums and airports aren't there to be relied on, but to narrow down lists of suspects and add an extra set of eyes to supplement the human eyes already on the job. If the component fails, then the system can keep working because—at the end of the chain—there's always a human with a pair of eyes scanning the crowds, too. And what Schneier realized wasn't being implemented in security systems, even after people had read his book, was any level of depth or redundancy or disaster planning. People were just installing PGP or something security-ish, kicking back with their feet up on the table and reckoning they had it all covered.
What Bruce now runs at Counterpane is simply a monitoring service, watching for a break-in anywhere on a customer's network. They don't rely on any particular fuzzy-logic Artificial Intelligence pattern recognition algorithms to spot an intruder, they just use guys watching screens. They're not total luddites, of course, but where they use technology it's to make their jobs easier, cheaper, and more likely to succeed, not to replace those jobs.
It seems, according to Bruce, that it's insufficient to protect ourselves with mathematics anymore. Rather we need to protect ourselves, and use mathematics to get a bit of help.
(These are discovered in real-time and sorted by newest first. See how to get listed.)
Have a response to something said on this page? Want others to see it after reading this article? This page can detect where a visitor is coming from and provide a permanent link back to it that all other visitors can see. Link to this article from the page where you've posted your response, and a reciprocal link to your page will be made automatically and for free.
More information is available for this service and even how to make individual paragraphs link back to you
All material published at this site, unless otherwise indicated, is Copyright © 2000 - 2004 Synesmedia, Inc. All rights reserved. No reproductions in any media are permitted without written and electronically signed permission from Synesmedia, Inc. Disenchanted occasionally features references to real people, companies and products for the purpose of satire.
Disenchanted is published by Synesmedia, Inc. Synesmedia also publishes Interchange Techniques